MiSec Lansing Meetup September 14th 2016

This is the first official meeting in Lansing. The meetings will be hosted by TEKsystems. We are planning to stream the talks online. Keep up to date on Twitter and feel free to reach out for more information. Since this is a new location, we aren’t sure how many people will be attending. To ensure we have enough space, please RSVP here using eventbrite.

TITLE:
Learning Security The Hard Way

SPEAKER:
Benjamin Carroll (@taco_pirate) is an employee at a large utility in Michigan. Starting from modding Xbox’s at a young age, building websites in his free time, and hacking people for fun, he finally found himself in cyber security. He is now an advocate for cyber security education, as well as educating himself in every aspect of information security.

DESCRIPTION:
Are you a student in the cyber security field and often find yourself wondering what that transition into industry will be like? Do you feel prepared to take on the challenges of a real blue team? The answer is no, you aren’t; and I’ll tell you why. As well as what you need to do to prepare yourself.

DATE & (NEW) LOCATION:
Wednesday, September 14th, at 7 pm
TEKsystems
300 S Washington Sq, Suite 430
Lansing, MI 48933

Parking:
There are meters on S Washington Sq., an open parking lot on W Washtenaw St. and multiple parking ramps on S Capitol Ave.

Building entrance:
The main entrance to the building is actually on W Washtenaw St. in between the Sarnie Shoppe and The Runway. Once inside, go straight ahead where there are two elevators. Go up to the 4th floor. Upon exiting the elevators, go left and left around the corner. The TEK office is visible once going around the corner.

MiSec Jackson Meetup August 9th 2016

TITLE:
Injecting Security into the SDLC

SPEAKER:
Mark Good

DESCRIPTION:
Approximately 86% of all attacks are against application weaknesses. Yet less than 35% of security spending is on application design and development.
Without the inclusion of security during the requirements, design, build, and verification phases of development, security vulnerabilities can be inadvertently or maliciously introduced into the production environment. In this talk you will learn why it’s important to include security throughout the SDLC, what activities should be performed, and where in the SDLC to perform these activities.

Tuesday, August 9th, at 7 pm
Consumers Energy
One Energy Plaza`
Jackson, MI 49201

Please use the Francis Street parking deck.

Misec Southfield Meetup August 11th

David Schaefer is presenting Sheep, the Shepard, History, and Eugenics – A historical reminder on why  personal privacy matters when it comes to the government and corporations in the digital age.


Human history has dictated that we can’t trust our governments,  corporations, and other entities to watch out for our personal best  interests.  We will look at the Eugenics movement as a reminder of the  things governments can accomplish when they collect data, and then  continue our journey towards the Nazi regime and how they so efficiently  tracked humans via machines.
This all plays into the current age of  big data.  This talk touch base on things that went wrong, and some of  the ways we still have power to correct the current issues by building  up political and technical defenses.


This month’s lightning talk is by Paul Snyder, on diagramming threat flows.
 
Thursday, August 11th, at 7 pm
One Towne Square
7th Floor, Suite 700
Southfield, MI 48076

MiSec Jackson Meetup July 12th 2016

Title: Defense in Depth

Defense in Depth: We all have heard some security professionals describe defense-in-depth as “dead.” This could not be farther from the truth. The truth of the matter is that the art and science of defense-in-depth should be expanded in many organizations. We’ll also discuss the concept of Defense in Depth and introduce you to the Sliding Scale of Cyber Security.

Speakers: Don Warnecke and Mattew France

Tuesday, July 12th, at 7 pm
Consumers Energy
One Energy Plaza`
Jackson, MI 49201

Please use the Francis Street parking deck.

Misec Southfield Meetup June 16th

We have OWASP at #misec Southfield this month!

James Green will be presenting Web app testing – Don’t burp on your browser.

This talk will cover the basics of security controls that need to be in place to keep web applications secure. The idea is to improve your app or learn how to misuse other ones.

Thursday, June 16th, at 7 pm
One Towne Square
7th Floor, Suite 700
Southfield, MI 48076

MiSec Jackson Meetup June 14th 2016

This month we will be having a round of lightning talks!

Speaker and  Topics Below!

Samuel Bradstreet – WiFi Revolution
Luke Gorczyca – Botnets
James Green – 5 Hacks in 15 Minutes
Jim Beechey – The Kill Chain
Sam Wrona – Binary and Subnetting: The Dying Talent
Benjamin Carroll – Netlab: The Final Frontier
Daniel Ebbutt – Adventures in GDB

If you want to sign up for a lightning talk (a quick 10 minute talk) or I forgot to add you, let me know via twitter @chaoticflaws

Tuesday, June 14th, at 7 pm
Consumers Energy
One Energy Plaza`
Jackson, MI 49201

Please use the Francis Street parking deck.

#misec Path to the Dark Side – Coming up in InfoSec panel May 21st 2016

Welcome to our first joint #misec Jackson & Southfield event (and panel) of the year!

With local leaders from the worlds of private industry, consulting, and education – we will discuss topics ranging from making the transition to InfoSec to finding your path forward once you’ve made the leap. After lunch, we will open the panel to discussions with the audience in an InfoSec community event you won’t want to miss.

Featuring panelists Wolfgang Goerlich (@jwgoerlich), Jim Beechey (@jim_beechey) and more!

Get your tickets >>>>> here <<<<< (they’re free!)

Schedule
10:00 AM Event Kickoff
10:30 AM Meet & Greet
11:00 AM Panel 1st half – Questions/Topics
12:00 PM Lunch Break
1:00 PM Panel 2nd half – Wrap-up and audience discussion
2:00 PM Closing Comments

At no additional cost, we are happy to announce a free raffle with such prizes as:

Self-driven beginner’s Pentesting, Wi-fi, Windows Exploit, and Ethical Hacking training – everything you need to get started testing your lab/training network hands-on!

The Red Team Field Manual

Raspberry Pi 2.0

A Remote Control Flying Drone

You are entered to win simply by grabbing a free ticket!

See you there!

-@chaoticflaws, @vajkat, @ZenM0de

MiSec Southfield Meetup May 12th 2016

Lightning Talk: Jayson Brown is presenting: Offensive Security: Stuff you wish you could un-see and how to handle it professionally…

For our main speaker, we are excited to have J. Wolfgang Goerlich presenting: Food Fight: Analyzing the Food Supply

Bio:

J. Wolfgang Goerlich is an influential leader and IT management executive with the ability to act as a cultural change agent, driving security initiatives and raising security postures. He currently works as the Director of Security Strategy for Creative Breakthroughs Inc (CBI) and has been in the industry for over 20 years. Areas of expertise include managing culture, ITGRC, security community and mentorship, application security and team leadership.

Please note: if you hadn’t heard it yet, below is the address of our new venue

Thursday, May 12th, at 7 pm
One Towne Square
7th Floor, Suite 700
Southfield, MI 48076

MiSec Southfield Meetup April 14th 2016

We will kick things off this April with a lightning talk from Khalid Abutayeb presenting: A Red Teamers Lunch Box – Raspberry PIE Included

For our main speaker, we are excited to have our very own Mark Stanislav presenting: Hide Yo’ Kids: Hacking Your Family’s Connected Things

Abstract:
This presentation will cover security research on Internet-connected devices targeting usage by, or for, children. Mark will discuss the vulnerabilities he found during this research, including account takeovers, device hijacking, backdoor credentials, unauthorized file downloading, and dangerously out-of-date protocols & software. Devices discussed will include Internet-connected baby monitors, a GPS-enabled platform to track children, and even a Wi-Fi & Bluetooth-connected stuffed animal. Details about mobile reverse engineering, hardware hacking, network traffic analysis, and other research techniques will be presented to help others learn about methods to perform their own research.

Curious about how well your privacy and safety are being taken care of by IoT vendors? Interested in IoT security research and want to understand what flaws are being found in devices today? Skip the hype-only stunt hacking and come hear Mark discuss real-world examples of issues that actively threatened the privacy and safety of the families using connected devices. After all, if it ‘takes a village to raise a child’ it’s going to take a lot of hackers to secure them in the Internet of Things.

Bio:
Mark Stanislav is the Manager of Security Advisory Services at Rapid7. Mark has spoken internationally at over 100 events including RSA, DEF CON, SOURCE Boston, Codegate, SecTor, and THOTCON. Mark’s security research and initiatives have been featured by news outlets such as the Wall Street Journal, The Associated Press, CNET, Good Morning America, and Forbes. Mark is the co-founder of the Internet of Things security research initiative, BuildItSecure.ly. He is also the author of a book titled, “Two-Factor Authentication”.

Mark earned his Bachelor of Science Degree in Networking & IT Administration and his Master of Science Degree in Technology Studies, focused on Information Assurance, both from Eastern Michigan University. During his time at EMU, Mark built the curriculum for two courses focused on Linux administration and taught as an Adjunct Lecturer for two years. Mark holds CISSP, Security+, Linux+, and CCSK certifications.

Please note: if you hadn’t heard it yet, below is the address of our new venue

 

Thursday, April 14th, at 7 pm
One Town Square
7th Floor, Suite 700
Southfield, MI 48076

MiSec Jackson Meetup April 12th 2016

Title: My experience with Cybati at Defcon
Speaker: Kate Vajda

Talk Summary:
We have Kate giving a talk on her experience trying to win hardware in the Defcon ICS village. She will be chatting about some of the tools she discovered and how she figured out how to utilize the Cybati framework.

Bio: Kate Vajda is a long time computer enthusiast.

Tuesday, April 12th, at 7 pm
Consumers Energy
One Energy Plaza`
Jackson, MI 49201

Please use the Francis Street parking deck.

Return top

About MichSec.org

We are a collective of Michigan based information security professionals (or maybe just people interested in security) looking to share knowledge and make the world a safer place.